Skip Navigation
Follow up to the proposal for working on GDPR issues and moderation dashboard for Lemmy.
  • (I see my reply yesterday didn't federate; trying again from an alt instance)

    o hai. Curious that you expected a bunch of people to support you within a couple days. I never saw your proposal (buried in a comment thread in one post on lemmy). I'm only first hearing of this 6 hours after you specifically tagged me. I think you could do more to publish & advocate your proposals if you're serious about them..

    Before the incident described in the article you're referencing, I had never spoken to any instance admins. Since I published it, I have spoken to several instance admins (many reached out to me), and they all expressed similar frustrations with the lemmy devs and fatigue in contributing to this project.

    No matter how much people will tell you that something is important to them, the true test is seeing how many are willing to pay the asking price.

    I think it's important to consider that there's many ways that people contribute to Lemmy. Equally as important as the work that the devs are doing is the work that the instance admins are doing. Collectively the community of instance admins are contributing much more money and time into lemmy than the developers are. That shouldn't be discounted. Both should be appreciated.

    There are other ways that people take time out of their lives to support Lemmy, such as finding and filing bug reports, writing documentation, answering questions about the fediverse to new users, raising awareness about lemmy on other centralized platforms, etc. These are also all contributions that benefits the project. Don't discount them.

    But when our contributions are met with disrespect, it pushes us away. Based on my conversations with countless Lemmy contributors in the past few days, that's where a lot of people are. They don't want to invest any more time or money into Lemmy because of their previous interactions with the Lemmy devs.

    This can be repaired, but the Lemmy devs do need to work on fixing their Image Problem.

  • PSA: You can't delete photos uploaded to Lemmy. So don't (accidentally) upload a nude
  • Author here. A "KYC Selfie" is a selfie photo where you hold-up a State-issued photo-identity document next to your face. This is not a US-specific thing; it's also used in the EU.

    I used to work for a bank in Europe where we used KYC seflies for authentication of customers opening new accounts (or recovering accounts from lost credentials), including European customers. Most KYC Selfies are taken with a passport (where all the information is on one-side), but if your ID has data on both sides then the entity asking you for the KYC seflie may require you to take two photos: showing both sides.

    Some countries in the EU have cryptographic authentication with eIDs. The example I linked-to in the article is Estonia, who has made auth-by-State-issued-private-key mandatory for over a decade. Currently MEPs are deciding on an eID standard, which is targeting making eIDs a requirement for all EU Member States by 2016.

    I recommend the Please Identify Yourself! talk at 37c3 about the state of eID legislation as of Dec 2023 (and how to learn from India, who did eID horribly wrong):

  • PSA: You can't delete photos uploaded to Lemmy. So don't (accidentally) upload a nude
  • It would be possible to locally save the delete tokens of every image you upload, so that you can request that they be removed later. I don’t know of any clients that can do this yet, though (if someone knows of one, feel free to mention it).

    @sjmarf@sh.itjust.works I'm told Boost does this.

  • PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    2
    PSA: Upgrade your LUKS PBKDF to Argon2id!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    4
    PSA: Upgrade your LUKS PBKDF to Argon2id!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    0
    PSA: Upgrade your LUKS PBKDF to Argon2id!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    6
    PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    0
    PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    3
    Security News @infosec.pub maltfield @lemmy.ca
    PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    0
    PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    1
    Cryptography @infosec.pub maltfield @lemmy.ca
    PSA: Upgrade your LUKS PBKDF to Argon2id !!

    TIL the French government may have broken encryption on a LUKS-encrypted laptop with a "greater than 20 character" password in April 2023.

    • https://nantes.indymedia.org/posts/87395/une-lettre-divan-enferme-a-la-prison-de-villepinte-perquisitions-et-disques-durs-dechiffres/

    When upgrading TAILS today, I saw their announcement changing LUKS from PBKDF2 to Argon2id.

    • https://tails.boum.org/security/argon2id/index.en.html

    The release announcement above has some interesting back-of-the-envelope calculations for the wall-time required to crack a master key from a LUKS keyslot with PBKDF2 vs Argon2id.

    And they also link to Matthew Garrett's article, which describes how to manually upgrade your (non-TAILS) LUKS header to Argon2id.

    • https://mjg59.dreamwidth.org/66429.html
    0
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)MA
    maltfield @lemmy.ca
    Posts 9
    Comments 19